back to website

Werk #12547: Fix possible XSS on audit log page

Component Setup
Title Fix possible XSS on audit log page
Date Mar 12, 2021
Level Trivial Change
Class Security Fix
Compatibility Compatible - no manual interaction needed
Checkmk versions & editions
2.1.0b1 Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)
2.0.0p1 Checkmk Raw (CRE), Checkmk Enterprise (CEE), Checkmk MSP (CME)

Displaying the detail text of changes could trigger execution of arbitrary javascript code that was previously stored by a modification made to the configuration. This issue may affect users of the setup of previous 2.0.0 versions.

To the list of all Werks

The Checkmk logo (formerly known as Check_MK) is a trademark of Checkmk GmbH. ©2025 Checkmk GmbH. All rights reserved.

Join our hybrid Monitoring Community event from May 20-22 in Munich and learn more about the latest Checkmk features and our roadmap at the Checkmk Conference #11

Register now